Quick Take: Proof-of-Concept Exploiting Windows CryptoAPI Spoofing Vulnerability Released

On January 25, 2023, Akamai Security Research released proof-of-concept code that exploits CVE-2022-34689, the Windows CryptoAPI Spoofing Vulnerability. The Windows CryptoAPI is the “de facto API in Windows for handling anything related to cryptography,” Akamai researchers explained, which makes any vulnerability in it particularly concerning.

“According to Microsoft, the vulnerability allows an attacker to masquerade as a legitimate entity,” noted Akamai Security Research.

The National Security Agency (NSA) and the National Cyber Security Center (NCSC) disclosed the vulnerability to Microsoft. Microsoft announced the vulnerability in August 2022 and patched it in the October 2022 Patch Tuesday.

Akamai’s post includes additional vulnerability and exploitation details.

Recommendation

Patch Windows servers and endpoints with the latest security patch released by Microsoft.

Resources
